<?php
/** 票付通对外接口入口地址 目前只有厦门开发组在用
 * Created by PhpStorm.
 * User: KaZeline
 * Date: 15-10-13
 * Time: 下午3:26
 */

exit;
/*
 *  1.接口访问方式为http REST方式实现。接口用post方式请求。
    2.加密验证参数sign为其他所有参数以字母顺序从a->z,组成key1=val1&key2=val2&...的形式后,再进行md5加密.
    例:某API参数为array('time'=>'2015-10-13','mid'=>1、'name'=>'example',则$sign=md5
(mid=1&name=example&time=2015-10-13).
    3.返回的数据解压方式为 json_decode(base64_decode($return)).
    4.所有API必传帐号(ac)密码(pw)参数,以下接口说明中将不再说明.
    5.带*号的参数为非必需参数
 */

//验证发送参数
if(!$_POST['ac'] || !$_POST['pw'] || !$_POST['sign'] || !$_POST['action']) response(102);
ksort($_POST);
$sign = $_POST['sign'];
unset($_POST['sign']);
$query_str = http_build_query($_POST);
if(md5($query_str) != $sign)  response(102);


$_POST['pw'] = md5($_POST['pw']);
if($_POST['password']) $_POST['password'] = md5($_POST['password']);
//file_put_contents('log.txt','
//'.json_encode(array_merge(array('request_time'=>$_SERVER['REQUEST_TIME'],'remote_addr'=>$_SERVER['REMOTE_ADDR']),$_POST)),FILE_APPEND);

use \PFT\Db;
use \pft\Member\MemberAccount;
include '/var/www/html/new/d/common/func.inc.php';
include '/var/www/html/new/d/class/MemberAccount.class.php';
include '/var/www/html/new/d/module/common/Db.class.php';
$dbConf = include '/var/www/html/new/d/module/common/db.conf.php';// 远端服务器配置信息
Db::Conf($dbConf['localhost']);


//表 pft_api_account  记录使用接口的各个用户的信息
/* 暂定字段
 * ac
 * pw
 * time 每天请求次数 超过两千次禁止再请求
 * last_date最后请求日期
 * */
$connect = Db::connect();

/*
$sql = "select id from pft_member where account=? and password=? limit 1";
$stmt = $connect->prepare($sql);
$stmt->execute(array($_POST['ac'],$_POST['pw']));
$row = $stmt->fetch(\PDO::FETCH_ASSOC);
if(!$row['id'])
*/
if($_POST['ac']!='xiamenpiaofutong' || $_POST['pw'] !='4548d08b16c4bdbddd1f7f526963a630')
    response(101);

//如果上次访问日期不是今天 则重置访问次数 否则+1
/*
$today = date('Y-m-d');
if($row[0]['time']>=2000 && date('Y-m-d',$_SERVER['REQUEST_TIME'])==$row[0]['last_date']) response(110);
$sql = "update pft_api_account set time=time+1 ";
if(date('Y-m-d')>$row[0]['last_date']) $sql = "update pft_api_account set time=1,last_date='$today'";
$sql .= "where ac=? and pw=? limit 1";
$stmt->prepare($sql);
$stmt->excute(array($_POST['ac'],$_POST['pw']));
*/
$soap = new SoapClient(null,array(
        "location" => "http://localhost/open/openService/pft_insideMX.php",
        "uri" => "www.16u.com?ac_16u=16ucom|pw_16u=c33367701511b4f6020ec61ded352059|auth_16u=true")
);
$action = $_POST['action'];
switch ($_POST['action']) {
    //会员信息
    case 'MemberInfo':
        //fid和account至少要传一个
        if( (!($_POST['fid']+0) && !($_POST['account']+0)) || !$_POST['password']) response(103);
        $query = array($_POST['password']);
        if($_POST['fid']+0) {
            $where .= " and id=? ";
            array_push($query,$_POST['fid']);
        }
        if($_POST['account']+0){
            $where .= " and account=? ";
            array_push($query,$_POST['account']);
        }
        $sql = "select id as fid,account,dtype,mobile,dname from pft_member where  password=? and dtype in (0,1,2,3) $where limit 1";
        $stmt =$connect->prepare($sql);
        $stmt->execute($query);//password在文件一开头已经md5了
        $row = $stmt->fetch(\PDO::FETCH_ASSOC);
        $response = 111;
        if($row['fid']){
            $row['money'] = (string)simplexml_load_string($soap->PFT_Member_Fund($_POST['fid']))->Rec->UUamoney;
            $response = $row;
        }
        response($response);
        break;

    //会员充值,消费
    case 'FundModify':
        if(!$_POST['fid'] || !$_POST['password'] ||
            $_POST['modify']!='0' || $_POST['modify']!='1'||
            $_POST['money']+0==0
        ) response(103);
        $sql = "select id as fid from pft_member where id=? and password=? and dtype in (0,1,2,3)limit 1";
        $stmt =$connect->prepare($sql);
        $stmt->execute(array($_POST['fid'],$_POST['password']));//password在文件一开头已经md5了
        $row = $stmt->fetch(\PDO::FETCH_ASSOC);
        $response = 111;
        if($row['fid']){
            $response = array('status'=>'fail');
            $res = $soap->PFT_Member_Fund_Modify($_POST['fid'],0,$_POST['money'],$_POST['modify'],0,null,3,0);
            if($res == 100)
                $response = array('status'=>'success');
        }
        response($response);
        break;

    //微信绑定
	case 'OpenChkBindStatus':
        if(!$_POST['openid']) response(103);
        $tousername = $_POST['appid']?$_POST['appId']:'wx6ebc34778c9326f6';
        if($_POST['fid']) $where = 'and fid=? ';
        $sql = "SELECT fid FROM uu_wx_member_pft WHERE fromusername=? AND tousername=? ";
        $sql .= $sql.$where." limit 1";
        $stmt =$connect->prepare($sql);
        $stmt->execute(array($_POST['openid'],$tousername,$_POST['fid']));
        $row = $stmt->fetch(\PDO::FETCH_ASSOC);
        $response = array('is_bind'=>0,'fid'=>'');
        if($row['fid']) $response = array('is_bind'=>1,'fid'=>$row[0]['fid']);
        response($response);
        break;

    //发送短信验证码
    case 'SendVcode':
        if(!ismobile($_POST['mobile'])) response(103);
        $mobile = $_SESSION['mobile'] = $_POST['mobile'];
        $sms_tpl_file = '/var/www/html/new/d/tpl/sms/register.txt';
        if(file_exists($sms_tpl_file)) {
            $tpl = file_get_contents($sms_tpl_file);
        }
        else {
            $response = 143;
            response($response);
            break;
        }

        $r = MemberAccount::SendVerifyCode($mobile, $tpl, $soap, true);
        if ($r==100) {
            $response = array('status'=>'success');
        } elseif ($r==-1) {
            $response = 141;
        } else {
            $response = 142;
        }
        response($response);
        break;

    //注册
    case 'Register':
        if(!ismobile($_POST['mobile'])||
           !$_POST['dname'] || !$_POST['vcode'] ||
           !$_POST['password'] || !$_POST['repeat_password']
        ) response(103);
        $mobile = $_POST['mobile'];//客户端需要先检查手机号格式
        $dname  = safetxt($_POST['dname']);
//        $dType  = 5;//分销商身份的散客
        $dType  = isset($_POST['dtype'])? intval($_POST['dtype']) : 5;
        $repwd  = md5($_POST['repeat_password']);
        $pwd    = md5($_POST['password']);//密码，客户端需先md5加密一次。
        $invId  = 0;
        if (isset($_POST['vcode'])) {
            $code = MemberAccount::ChkVerifyCode($mobile, $_POST['vcode']);
            if ($code===-1 ) {
                $response = 151;
                response($response);
                break;
            } elseif($code===false) {
                $response = 152;
                response($response);
                break;
            }
        }
        $result = $memObj->mobileRegister($mobile, $dType,$dname, $pwd, $invId, 2);
        $response = array('account'=>$result);
        response($response);
	default:
		# code...
		break;
}

Db::Close();
function response($sth){
//    ErrorCode:101;无授权，拒绝连接
//    ErrorCode:102;传输数据类型出错
//    ErrorCode:103;请求接口没有传入所有必须参数
//    ErrorCode:110;提交次数超过每日上限
//    ErrorCode:111;请求参数不匹配
//    ErrorCode:141;短信发送间隔低于120秒
//    ErrorCode:142;短信发送失败
//    ErrorCode:143;短信模版不存在
//    ErrorCode:151;短信验证码已失效或不存在
//    ErrorCode:152;短信验证码错误
    $return = array('code'=>'200','list'=>$sth);
    if(is_numeric($sth)) $return = array('code'=>$sth);
    echo (base64_encode(json_encode($return)));
    exit;
}
